Subject: Re: ICMP attacks against TCP
To: Fernando Gont <fernando@gont.com.ar>
From: Jonathan Stone <jonathan@dsg.stanford.edu>
List: tech-security
Date: 12/09/2004 15:09:09

In message <4.3.2.7.2.20041209191502.00dc8100@server.frh.utn.edu.ar>,
Fernando Gont writes:


>You can get the latest version of the draft from:
>http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html

If you really want constructive criticism, I think you'd be much
better off not spamming anyone who goes to that URL with popup ads.

Also, is there some good reason why the URL is set up to make it hard
to save a text version of your non-IETF working draft?  If you
genuinely want constructive criticism, you should make the working
draft available in text form, for careful perusal outside a web browser.

>(Constructive) comments on the draft are more than welcome.

I'm afraid that all you will get from me is feedback on the
IETF-archived -01 draft, available from (amongst others)
ftp://ftp.isi.edu/in-notes/internet-drafts/draft-gont-tcpm-icmp-attacks-01.txt
via non-onerous means.


>P.S.: As far as I understand NetBSD does not check TCP sequence numbers. 
>Not sure how you handle the PMTUD issue, either.

NetBSD implements PMTUD, and a version of Dave Borman's syn-cache
code.  Not sure what other TCP sequence-number checks you're referring to;
the Cisco-patented window-checks designed for attacks against BGP, or
something else?